Viewing AWS Service Control Policies
To view any AWS service control policies (SCPs) that you have created and/or have permission to view:
- In the left navigation menu, click Cloud Management > AWS Service Control Policies.
- You will see a list of all the AWS SCPs that you have permission to view. SCPs can be filtered by keyword using the Filters button on the top left, and they can be sorted alphabetically using the Sort dropdown on the top right. Use the arrow buttons on the top right to navigate through the pages of results. You can also click the add button at the top to add a new SCP.
For more information about SCPs, read the What is an AWS Service Control Policy? article.
You can click on the SCP name to visit its detail. Clicking the ellipsis menu on the right of a check gives you the option to:
- View - view the SCP.
- Edit - edit the SCP.
- Delete - delete the SCP.
AWS SCP Details: Overview Tab
Click the name of the SCP or View on the ellipsis menu to view the SCP's details page. This will take you to the Overview tab, which provides the following information:
- The name of the SCP is featured at the top of the screen.
- Description - optional description of the SCP.
- View Policy link - click this link to expand the Policy section, which shows the policy code for the SCP.
AWS SCP Details: Accounts Tab
Click the Account tab to view the accounts associated with this SCP, including the account name, account type, and status. The status shows whether the SCP is actively applied.
Accounts are associated with projects and OUs; SCPs are applied via a cloud rule, which can be applied to projects and OUs. The accounts associated with projects/OUs where the SCP's cloud rule has been applied are shown here. The SCP governs the accounts where the status shows Applied.
AWS SCP Details: Projects Tab
Click the Projects tab to view the projects associated with this SCP, including the project name and the application origin. Hover over the application origin marker to learn where the SCP was applied and learn its relationship to this project.
AWS SCP Details: OUs Tab
Click the OUs tab to view the OUs associated with this SCP, including the OU name and the application origin. Hover over the application origin marker to learn where the SCP was applied and learn its relationship to this OU.
AWS SCP Details: Cloud Rules
Click the Cloud Rules tab to view the cloud rules to which the SCP has been applied. You can click on the name of a cloud rule to view its details page.